From: Akeem G Abodunrin <akeem.g.abodunrin@intel.com> To: akeem.g.abodunrin@intel.com, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, omer.aran@intel.com, pragyansri.pathi@intel.com, d.scott.phillips@intel.com, david.c.stewart@intel.com, tony.luck@intel.com, jon.bloomfield@intel.com, sudeep.dutt@intel.com, daniel.vetter@intel.com, joonas.lahtinen@linux.intel.com, jani.nikula@intel.com, chris.p.wilson@intel.com, prathap.kumar.valsan@intel.com, mika.kuoppala@intel.com, francesco.balestrieri@intel.com Subject: [PATCH v4 0/2] Security mitigation for Intel Gen7/7.5 HWs Date: Thu, 20 Feb 2020 15:00:21 -0800 [thread overview] Message-ID: <20200220230023.18905-1-akeem.g.abodunrin@intel.com> (raw) Intel ID: PSIRT-TA-201910-001 CVEID: CVE-2019-14615 Summary of Vulnerability ------------------------ Insufficient control flow in certain data structures for some Intel(R) Processors with Intel Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access Products affected: ------------------ Intel CPU’s with Gen7, Gen7.5 and Gen9 Graphics. Mitigation Summary ------------------ This patch provides mitigation for Gen7 and Gen7.5 hardware only. Patch for Gen9 devices have been provided and merged to Linux mainline, and backported to stable kernels. Note that Gen8 is not impacted due to a previously implemented workaround. The mitigation involves submitting a custom EU kernel prior to every context restore, in order to forcibly clear down residual EU and URB resources. The custom CB kernels are generated/assembled automatically, using Mesa (an open source tool) and IGT GPU tool - assembly sources are provided with IGT source code. This security mitigation change does not trigger any known performance regression. Performance is on par with current mainline/drm-tip. Note on Address Space Isolation (Full PPGTT) -------------------------------------------- Isolation of EU kernel assets should be considered complementary to the existing support for address space isolation (aka Full PPGTT), since without address space isolation there is minimal value in preventing leakage between EU contexts. Full PPGTT has long been supported on Gen Gfx devices since Gen8, and protection against EU residual leakage is a welcome addition for these newer platforms. By contrast, Gen7 and Gen7.5 device introduced Full PPGTT support only as a hardware development feature for anticipated Gen8 productization. Support was never intended for, or provided to the Linux kernels for these platforms. Recent work (still ongoing) to the mainline kernel is retroactively providing this support, but due to the level of complexity it is not practical to attempt to backport this to earlier stable kernels. Since without Full PPGTT, EU residuals protection has questionable benefit, *there are no plans to provide stable kernel backports for this patch series.* Mika Kuoppala (1): drm/i915: Add mechanism to submit a context WA on ring submission Prathap Kumar Valsan (1): drm/i915/gen7: Clear all EU/L3 residual contexts drivers/gpu/drm/i915/Makefile | 1 + drivers/gpu/drm/i915/gt/gen7_renderclear.c | 402 ++++++++++++++++++ drivers/gpu/drm/i915/gt/gen7_renderclear.h | 15 + drivers/gpu/drm/i915/gt/hsw_clear_kernel.c | 61 +++ drivers/gpu/drm/i915/gt/intel_gpu_commands.h | 17 +- .../gpu/drm/i915/gt/intel_ring_submission.c | 135 +++++- drivers/gpu/drm/i915/gt/ivb_clear_kernel.c | 61 +++ 7 files changed, 685 insertions(+), 7 deletions(-) create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.c create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.h create mode 100644 drivers/gpu/drm/i915/gt/hsw_clear_kernel.c create mode 100644 drivers/gpu/drm/i915/gt/ivb_clear_kernel.c -- 2.20.1 _______________________________________________ dri-devel mailing list dri-devel@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/dri-devel
WARNING: multiple messages have this Message-ID (diff)
From: Akeem G Abodunrin <akeem.g.abodunrin@intel.com> To: akeem.g.abodunrin@intel.com, intel-gfx@lists.freedesktop.org, dri-devel@lists.freedesktop.org, omer.aran@intel.com, pragyansri.pathi@intel.com, d.scott.phillips@intel.com, david.c.stewart@intel.com, tony.luck@intel.com, jon.bloomfield@intel.com, sudeep.dutt@intel.com, daniel.vetter@intel.com, joonas.lahtinen@linux.intel.com, jani.nikula@intel.com, chris.p.wilson@intel.com, prathap.kumar.valsan@intel.com, mika.kuoppala@intel.com, francesco.balestrieri@intel.com Subject: [Intel-gfx] [PATCH v4 0/2] Security mitigation for Intel Gen7/7.5 HWs Date: Thu, 20 Feb 2020 15:00:21 -0800 [thread overview] Message-ID: <20200220230023.18905-1-akeem.g.abodunrin@intel.com> (raw) Intel ID: PSIRT-TA-201910-001 CVEID: CVE-2019-14615 Summary of Vulnerability ------------------------ Insufficient control flow in certain data structures for some Intel(R) Processors with Intel Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access Products affected: ------------------ Intel CPU’s with Gen7, Gen7.5 and Gen9 Graphics. Mitigation Summary ------------------ This patch provides mitigation for Gen7 and Gen7.5 hardware only. Patch for Gen9 devices have been provided and merged to Linux mainline, and backported to stable kernels. Note that Gen8 is not impacted due to a previously implemented workaround. The mitigation involves submitting a custom EU kernel prior to every context restore, in order to forcibly clear down residual EU and URB resources. The custom CB kernels are generated/assembled automatically, using Mesa (an open source tool) and IGT GPU tool - assembly sources are provided with IGT source code. This security mitigation change does not trigger any known performance regression. Performance is on par with current mainline/drm-tip. Note on Address Space Isolation (Full PPGTT) -------------------------------------------- Isolation of EU kernel assets should be considered complementary to the existing support for address space isolation (aka Full PPGTT), since without address space isolation there is minimal value in preventing leakage between EU contexts. Full PPGTT has long been supported on Gen Gfx devices since Gen8, and protection against EU residual leakage is a welcome addition for these newer platforms. By contrast, Gen7 and Gen7.5 device introduced Full PPGTT support only as a hardware development feature for anticipated Gen8 productization. Support was never intended for, or provided to the Linux kernels for these platforms. Recent work (still ongoing) to the mainline kernel is retroactively providing this support, but due to the level of complexity it is not practical to attempt to backport this to earlier stable kernels. Since without Full PPGTT, EU residuals protection has questionable benefit, *there are no plans to provide stable kernel backports for this patch series.* Mika Kuoppala (1): drm/i915: Add mechanism to submit a context WA on ring submission Prathap Kumar Valsan (1): drm/i915/gen7: Clear all EU/L3 residual contexts drivers/gpu/drm/i915/Makefile | 1 + drivers/gpu/drm/i915/gt/gen7_renderclear.c | 402 ++++++++++++++++++ drivers/gpu/drm/i915/gt/gen7_renderclear.h | 15 + drivers/gpu/drm/i915/gt/hsw_clear_kernel.c | 61 +++ drivers/gpu/drm/i915/gt/intel_gpu_commands.h | 17 +- .../gpu/drm/i915/gt/intel_ring_submission.c | 135 +++++- drivers/gpu/drm/i915/gt/ivb_clear_kernel.c | 61 +++ 7 files changed, 685 insertions(+), 7 deletions(-) create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.c create mode 100644 drivers/gpu/drm/i915/gt/gen7_renderclear.h create mode 100644 drivers/gpu/drm/i915/gt/hsw_clear_kernel.c create mode 100644 drivers/gpu/drm/i915/gt/ivb_clear_kernel.c -- 2.20.1 _______________________________________________ Intel-gfx mailing list Intel-gfx@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/intel-gfx
next reply other threads:[~2020-02-21 6:16 UTC|newest] Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top 2020-02-20 23:00 Akeem G Abodunrin [this message] 2020-02-20 23:00 ` [Intel-gfx] [PATCH v4 0/2] Security mitigation for Intel Gen7/7.5 HWs Akeem G Abodunrin 2020-02-20 23:00 ` [PATCH v4 1/2] drm/i915: Add mechanism to submit a context WA on ring submission Akeem G Abodunrin 2020-02-20 23:00 ` [Intel-gfx] " Akeem G Abodunrin 2020-02-21 14:48 ` Chris Wilson 2020-02-21 14:48 ` [Intel-gfx] " Chris Wilson 2020-02-20 23:00 ` [PATCH v4 2/2] drm/i915/gen7: Clear all EU/L3 residual contexts Akeem G Abodunrin 2020-02-20 23:00 ` [Intel-gfx] " Akeem G Abodunrin 2020-02-21 14:56 ` Chris Wilson 2020-02-21 14:56 ` [Intel-gfx] " Chris Wilson 2020-02-21 7:10 ` [Intel-gfx] ✗ Fi.CI.CHECKPATCH: warning for Security mitigation for Intel Gen7/7.5 HWs Patchwork 2020-02-21 7:54 ` [Intel-gfx] ✓ Fi.CI.BAT: success " Patchwork 2020-02-24 0:13 ` [Intel-gfx] ✗ Fi.CI.IGT: failure " Patchwork
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20200220230023.18905-1-akeem.g.abodunrin@intel.com \ --to=akeem.g.abodunrin@intel.com \ --cc=chris.p.wilson@intel.com \ --cc=d.scott.phillips@intel.com \ --cc=daniel.vetter@intel.com \ --cc=david.c.stewart@intel.com \ --cc=dri-devel@lists.freedesktop.org \ --cc=francesco.balestrieri@intel.com \ --cc=intel-gfx@lists.freedesktop.org \ --cc=jani.nikula@intel.com \ --cc=jon.bloomfield@intel.com \ --cc=joonas.lahtinen@linux.intel.com \ --cc=mika.kuoppala@intel.com \ --cc=omer.aran@intel.com \ --cc=pragyansri.pathi@intel.com \ --cc=prathap.kumar.valsan@intel.com \ --cc=sudeep.dutt@intel.com \ --cc=tony.luck@intel.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.